Declaration of Authorship I declare that this thesis titled, ‘Methods for modeling and verifying event-driven systems’ and the work presented in it are my own I rm that: I have acknowledged all main sources of help Where I have quoted from the work of others, the source is always given With the exception of such quotations, this thesis is entirely my own work Where the thesis is based on work done by myself jointly with others, I have made clear exactly what was done by others and what I have contributed myself This work was done wholly while in studying for a PhD degree Signed: Date: i Abstract Modeling and veri cation plays an important role in software engineering because it improves the reliability of software systems Software development technologies introduce a variety of methods or architectural styles Each system based on a di erent architecture is often pro-posed with di erent suitable approaches to verify its correctness Among these architectures, the eld of event-driven architecture is broad in both academia and industry resulting the amount of work on modeling and veri cation of event-driven systems The goals of this thesis are to propose e ective methods for modeling and veri cation of event-driven systems that react to emitted events using Event-Condition-Action (ECA) rules and Fuzzy If-Then rules This thesis considers the particular characteristics and the special issues attaching with speci c types such as database and context-aware systems, then uses Event-B and its supporting tools to analyze these systems First, we introduce a new method to formalize a database system including triggers by propos-ing a set of rules for translating database elements to Event-B constructs After the modeling, we can formally check the data constraint preservation property and detect the in nite loops of the system Second, the thesis proposes a method which employs Event-B re nement for incrementally modeling and verifying context-aware systems which also use ECA rules to adapt the context situation changes Context constraints preservation are proved automatically with the Rodin tool Third, the thesis works further on modeling event-driven systems whose behavior is speci ed by Fuzzy If-Then rules We present a re nement-based approach to modeling both discrete and timed systems described with imprecise requirements Finally, we make use of Event-B re nement and existing reasoning methods to verify both safety and eventuality properties of imprecise systems requirements Acknowledgements First of all, I would like to express my sincere gratitude to my rst supervisor Assoc Prof Dr Truong Ninh Thuan and my second supervisor Assoc Prof Pham Bao Son for their support and guidance They not only teach me how to conduct research work but also show me how to nd passion on science Besides my supervisors, I also would like to thank Assoc Prof Dr Nguyen Viet Ha and lecturers at Software Engineering department for their valuable comments about my research work in each seminar I would like to thank Professor Shin Nakajima for his support and guidance during my intern-ship research at National Institute of Informatics, Japan My sincere thanks also goes to Hanoi University of Mining and Geology and my colleges there for their support during my PhD study Last but not least, I would like to thank my family: my parents, my wife, my children for their unconditional support in every aspect I would not complete the thesis without their encouragement iii Contents Declaration of Authorship Abstract Acknowledgements Table of Contents List of Abbreviations List of Tables List of Figures Introduction 1.1 1.2 1.3 1.4 1.5 Motivation Objectives Literature review Contributions Thesis structure Backgrounds 2.1 2.2 2.3 Temporal logic Classical set theory Fuzzy sets and Fuzzy If-Then rules 2.3.1 2.3.2 Formal methods 2.4.1 2.4.2 2.4.3 Event-B 2.5.1 2.4 2.5 iv Contents 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.6 Rodin tool 2.7 Event-driven systems 2.7.1 2.7.2 2.7.3 2.8 Chapter conclusions Modeling and verifying database trigger systems 3.1 Introduction 3.2 Related work 3.3 Modeling and verifying database 3.3.1 3.3.2 3.3.3 3.4 A case study: Human resources 3.4.1 3.4.2 3.4.3 3.5 Support tool: Trigger2B 3.5.1 3.5.2 3.6 Chapter conclusions Modeling and verifying context-aware systems 4.1 Introduction 4.2 Related work 4.3 Formalizing context awareness 4.3.1 4.3.2 4.3.3 4.4 A case study: Adaptive Cruise C 4.4.1 4.4.2 4.4.3 4.4.4 4.5 Chapter conclusions Modeling and verifying imprecise system requirements 5.1 Introduction 5.2 Related work Contents 5.3 Modeling fuzzy requirements 5.3.1 5.3.2 5.3.3 5.4 Verifying safety and eventuality p 5.4.1 5.4.2 5.4.3 5.4.4 5.5 A case study: Container Crane C 5.5.1 5.5.2 5.5.3 5.6 Chapter conclusions Conclusions 6.1 Achievements 6.2 Limitations 6.3 Future work List of Publications Bibliography A Event-B speci cation of Trigger example A.1 Context speci cation of Trigger exam A.2 Machine speci cation of Trigger exam B Event-B speci cation of the ACC system B.1 Context speci cation of ACC system B.2 Machine speci cation of ACC system B.3 Extended context B.4 Re ned machine C Event-B speci cations and proof obligations of Crane Controller Example C.1 Context speci cation of Crane Contro C.2 Extended context C.3 Machine speci cation of Crane Contro C.4 Re ned machine C.5 Proof obligations for checking the saf Contents C.6 Proof obligations for checking convergence properties List of Abbreviations DDL Data Da nition Language DML Data Manipulation Language PO Proof Obligation LTL Linear Temporal Logic SCR Software Cost Reduction ECA Event Condition Action VDM Vienna Development Method VDM-SL Vienna Development Method - Speci cation Language FM Formal Method PTL Propositional Temporal Logic CTL Computational Temporal Logic SCR Software Cost Reduction AMN Abstract Machine Notation viii List of Tables 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 Truth tables for propositional operators Meaning of temporal operators Truth table of implication operator Comparison of B, Z and VDM [1] Relations and functions in Event-B INV proof obligation VAR PO with numeric variant VAR PO with nite set variant 3.1 3.2 3.3 3.4 3.5 3.6 Translation rules between database and Event-B Formalizing a trigger Encoding trigger actions Table EMPLOYEES and BONUS INV PO of event trigger1 In nite loop proof obligation of event trigger1 4.1 4.2 4.3 Modeling a context rule by an Event-B Event Transformation between context-aware systems and E Proof of context constraint preservation 5.1 5.2 5.3 INV PO of event evt4 Deadlock free PO of machine Crane VAR PO of event evt4 C.1 C.2 C.3 C.4 C.5 C.6 C.7 C.8 C.9 C.10 C.11 C.12 INV PO of event evt1 INV PO of event evt2 INV PO of event evt3 INV PO of event evt5 VAR PO of event evt1 NAT PO of event evt1 VAR PO of event evt2 NAT PO of event evt2 VAR PO of event evt3 NAT PO of event evt3 VAR PO of event evt5 NAT PO of event evt5 ix List of Figures 1.1 Types of event-driven systems 1.2 Thesis structure 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 Basic structure of an Event B model An Event-B context example Forms of Event-B Events Event-B re nement Event re nement in Event-B A convergent event The Rodin tool A layered conceptual framework for context-aware systems 3.1 3.2 3.3 3.4 3.5 3.6 3.7 Partial Event-B speci cation for a database system A part of Event-B Context A part of Event-B machine Encoding trigger Architecture of Trigger2B tool A partial parsed tree syntax of a general trigger The modeling result of the scenario generated by Trigger2B 4.1 4.2 4.3 4.4 4.5 4.6 A simple context-aware system Incremental modeling using re nement Abstract Event-B model for ACC system Events with strengthened guards Re ned Event-B model for ACC system Checking properties in Rodin 5.1 5.2 5.3 5.4 5.5 A part of Event-B speci cation for discrete transitions mode A part of Event-B speci cation for continuous transitions mo A part of Event-B speci cation for eventuality property mode Container Crane Control system Safety properties are ensured in the Rodin tool automatical x ... functionalities and behavior There are a few of methods for verifying event- driven systems which are described by vague, uncertain or imprecise requirements For these reasons, new suitable methods for modeling. .. working on analysing event- driven systems as well as formalizing ECA rules Researchers have proposed many approaches to modeling and verifying both centralized and distributed event- driven systems... thesis are to propose e ective methods for modeling and veri cation of event- driven systems that react to emitted events using Event- Condition-Action (ECA) rules and Fuzzy If-Then rules This thesis